[asterisk-commits] file: branch file/sha256-a-harsh-reality r417185 - /team/file/sha256-a-harsh-...
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Jun 24 08:37:10 CDT 2014
Author: file
Date: Tue Jun 24 08:37:02 2014
New Revision: 417185
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=417185
Log:
Handle receiving SSL traffic before ICE negotiation completes.
Modified:
team/file/sha256-a-harsh-reality/res/res_rtp_asterisk.c
Modified: team/file/sha256-a-harsh-reality/res/res_rtp_asterisk.c
URL: http://svnview.digium.com/svn/asterisk/team/file/sha256-a-harsh-reality/res/res_rtp_asterisk.c?view=diff&rev=417185&r1=417184&r2=417185
==============================================================================
--- team/file/sha256-a-harsh-reality/res/res_rtp_asterisk.c (original)
+++ team/file/sha256-a-harsh-reality/res/res_rtp_asterisk.c Tue Jun 24 08:37:02 2014
@@ -855,6 +855,13 @@
SSL_set_bio(rtp->rtcp->ssl, rtp->rtcp->read_bio, rtp->rtcp->write_bio);
+ if (rtp->rtcp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
+ SSL_set_accept_state(rtp->rtcp->ssl);
+ } else {
+ SSL_set_connect_state(rtp->rtcp->ssl);
+ }
+ rtp->rtcp->connection = AST_RTP_DTLS_CONNECTION_NEW;
+
return 0;
error:
@@ -1007,6 +1014,13 @@
BIO_set_mem_eof_return(rtp->write_bio, -1);
SSL_set_bio(rtp->ssl, rtp->read_bio, rtp->write_bio);
+
+ if (rtp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
+ SSL_set_accept_state(rtp->ssl);
+ } else {
+ SSL_set_connect_state(rtp->ssl);
+ }
+ rtp->connection = AST_RTP_DTLS_CONNECTION_NEW;
return 0;
@@ -1238,25 +1252,29 @@
#ifdef HAVE_OPENSSL_SRTP
if (rtp->ssl) {
- SSL_clear(rtp->ssl);
- if (rtp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
- SSL_set_accept_state(rtp->ssl);
- } else {
- SSL_set_connect_state(rtp->ssl);
- }
- rtp->connection = AST_RTP_DTLS_CONNECTION_NEW;
+ if (SSL_is_init_finished(rtp->ssl)) {
+ SSL_clear(rtp->ssl);
+ if (rtp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
+ SSL_set_accept_state(rtp->ssl);
+ } else {
+ SSL_set_connect_state(rtp->ssl);
+ }
+ rtp->connection = AST_RTP_DTLS_CONNECTION_NEW;
+ }
SSL_do_handshake(rtp->ssl);
dtls_srtp_check_pending(instance, rtp, 0);
}
if (rtp->rtcp && rtp->rtcp->ssl) {
- SSL_clear(rtp->rtcp->ssl);
- if (rtp->rtcp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
- SSL_set_accept_state(rtp->rtcp->ssl);
- } else {
- SSL_set_connect_state(rtp->rtcp->ssl);
- }
- rtp->rtcp->connection = AST_RTP_DTLS_CONNECTION_NEW;
+ if (SSL_is_init_finished(rtp->rtcp->ssl)) {
+ SSL_clear(rtp->rtcp->ssl);
+ if (rtp->rtcp->dtls_setup == AST_RTP_DTLS_SETUP_PASSIVE) {
+ SSL_set_accept_state(rtp->rtcp->ssl);
+ } else {
+ SSL_set_connect_state(rtp->rtcp->ssl);
+ }
+ rtp->rtcp->connection = AST_RTP_DTLS_CONNECTION_NEW;
+ }
SSL_do_handshake(rtp->rtcp->ssl);
dtls_srtp_check_pending(instance, rtp, 1);
}
More information about the asterisk-commits
mailing list